Comments on: Network reconfigurationhttp://itknowledgeexchange.techtarget.com/itanswers/network-reconfiguration/
Tue, 31 Mar 2015 20:39:26 +0000hourly1By: blankreghttp://itknowledgeexchange.techtarget.com/itanswers/network-reconfiguration/#comment-70864
Wed, 25 Nov 2009 08:37:14 +0000#comment-70864First thing I would do is decide the subnets for each school. It is easier to give each one the same subnet mask, even if the amount of It equipment is vastly different. Also, do you need to provide separate networks for students, staff and admin ? My guess would be to allocate a /24 subnet to each of these, but also leave space so if one school expands, the subnetting is still contiguous.

My guess would be to use a /22 mask for each school. with the first two /24 subnets for students, and the others for staff and admin. Each subnet is a different VLAN. It is useful to break it up like this mainly for security. Also in the future this is not a process you want to repeat, so making this decision now, will make changes in the future a lot easier. So the subnets are like this (use your own addresses if these are already allocated to the schools, and expecially if they host any services themselves)

School A
Students 10.0.4.0/24 and 10.0.5.0/24
Staff 10.0.6.0/24
Admin 10.0.7.0/24

School B
Students 10.0.8.0/24 and 10.0.9.0/24
Staff 10.0.10.0/24
Admin 10.0.11.0/24

and so on.

On the DHCP server at the central site, create scopes for each subnet. Make sure you exclude the subnet and broadcast address for each of these (the .0 and .255 addresses) and also exclude the address you will use for the layer 3 device on each subnet (for routing to the other subnets).

On every site you should use a layer 3 switch to route between the subnets, and to the central site. The Cisco Catalyst 3560-8PC is an absolute bargain for this. It has 8 10/100 Mbps interfaces, and an SFP interface that can support fibre. It does all the layer 3 you need, including routing protocols such as EIGRP. The 10/100 is almost certainly fast enough between the subnets on site, and feeding to the central site.

Then look at how each one connects to the central site, which I presume will still provide the Internet access and some centralised resources. If it is fibre, then that is easy and the layer 3 switch will do the job. If it is a WAN link (Frame Realy or leased line) then you need a router, which you connect between the l3 switch and the WAN service.

One thing to remember is that you need to configure DHCP relay (or forwarding) to pass the DHCP requests from the end user machine to the DHCP server. It is a simple config, but allows you to have a centralised DHCP service. Configure this on the L3 switches for every VLAN.

At the central site I would look at a bigger L3 switch, just because of the number of connections it will need to make. Don’t do any router on a stick config, the throughput will suffer terribly, and all you will get is user complaints. If your DHCP server sends out the correct addresses for the domain controller, the routing will take care of the rest, and all the schools will communicate.

Adopting this approach will give you a good foundation for development of the network. Adding other services, such as VoIP will be easier if you have already set up a subnetted network, as it is easy to add more VLANs for this purpose. It may look a bit daunting, but if you use a step by step approach, and plan the changes first, then it should all go smoothly. I have done many such networks, and the benefits well worth the effort.

As Mshen said, post any more questions in the discussion and we will try to help further.

]]>By: cragsdale32http://itknowledgeexchange.techtarget.com/itanswers/network-reconfiguration/#comment-70833
Tue, 24 Nov 2009 17:43:07 +0000#comment-70833if cost is an issue, you can set up 7 layer 3 switches to do everything mentioned in this thread so far, except the DHCP service, but if you use a DHCP server(service on a server) at each location this won’t present any issues. You can still set up static routing between each location, mesh topology for connection redundancy etc. Mshen has outlined pretty much exactly what you need for each location IP wise and routing wise. The security (ACLs, Port security etc) is up to you and your team on how you want it layed out. with 7 layer 3 switches you can VLAN the entire network with realative easy also. Just be sure you use router-on-a-stick method to transport back to the central router.

Check out Cisco.com and browse through some of their tech support pages for more info on setting up your network this way.

School A has a subnet name of 10.194.142.0/24 and an IP sorting string of 10.194.142.000/24. School A also has a subnet name of 10.194.143.0/24 and an IP sorting string of 10.194.143.000/24. (Data Network – Lanspan IP)

This same school A has a subnet name/ip sorting string of 10.194.184.192/27 (Transport Subnet – Private – VPN/Lanspan IP) . The range of IP addresses are 10.194.184.193 through to 10.194.184.222. This is a similar setup in each school.

So, if I understand correctly, school A will have a DHCP scope from 10.194.142.0 to 10.194.143.255 with a 255.0.0.0 subnet mask for DHCP purposes. The router’s IP address is 10.194.184.222 (which is the gateway). As you had indicated, the DNS setting on each computer would point back to the DC’s IP address. Is this correct?

Three of the seven schools have fibre connections from the past. There is no router at these schools. How can these three schools participate in this setup? Will I need a layer 3 switch in these environments so that these Lanspan circuits cn point to the headend?